Latest News

Are your votes in safe hands?

A Council breached the Data Protection Act by accidentally dumping hundreds of local residents’ postal vote statements in a skip.

The statements – which were disposed of by an external contractor on the council’s behalf – included people’s names, addresses, dates of birth and signatures. Despite the council’s best efforts, 951 statements have not been recovered and are believed to have ended up in landfill or been destroyed.

The ICO’s investigation found that the council did not have a contract in place with the organisation processing this personal information. The council also failed to provide their contractor with instructions on how the information should be kept secure, as required under the Act.

“While councils can hire contractors to process personal information on their behalf, they must remember that they are still ultimately responsible for ensuring people’s information is kept secure. Obviously little thought was given to this when the statements were disposed of in the skip.

Simon Entwisle, Director of Operations said:

“While councils can hire contractors to process personal information on their behalf, they must remember that they are still ultimately responsible for ensuring people’s information is kept secure. Obviously little thought was given to this when the statements were disposed of in the skip.”

It is increasingly important that organisations both large and small are disposing of confidential waste securely and in accordance with current data protection legislation.

With fines of up to £500,000 for a breach of data protection this now applies to every organisation ranging from a 2 employee organisation to one with 1000’s.